Prisma
Node.js / TypeScriptA Prisma-shaped repository for findMany, findUnique, create, update, delete, and upsert. It is not a Prisma driver adapter and does not run Prisma query-engine plans.
kynetradb is a self-hostable backend engine — BM25 full-text search, HNSW vector similarity, auth, realtime channels, file storage, and read replicas — compiled into a single Rust binary that runs on any cloud, any VPS, or your own machine. No fleet of containers. No vendor. You own everything.
A fully-typed TypeScript SDK with a fluent builder chain — from().select().eq().order() —
covering queries, auth, storage, realtime channels, and edge functions under one import.
Works in any TypeScript/JavaScript runtime: Node, Deno, Bun, browser.
import { createClient } from '@kynetra/client'
const kdb = createClient('https://api.myapp.com', PUBLISHABLE_KEY)
// Query — fluent builder, fully typed
const { data, error } = await kdb
.from('posts')
.select('id, title, author(name)')
.eq('published', true)
.order('created_at', { ascending: false })
.range(0, 19)
// Auth
const { data: { session } } = await kdb.auth.signInWithPassword({ email, password })
const { data: { user } } = await kdb.auth.getUser()
// Storage
await kdb.storage.from('avatars').upload(`${user.id}.png`, file)
const { data: { publicUrl } } = kdb.storage.from('avatars').getPublicUrl(fileId)
// Realtime — change events + presence + broadcast
kdb.channel('live')
.on('postgres_changes', { event: 'INSERT', table: 'messages' }, payload => {
console.log('new message', payload.new)
})
.subscribe()
// Edge functions
await kdb.functions.invoke('send-welcome', { body: { userId: user.id } })
// Full-text + vector search
const { data: hits } = await kdb.from('docs').textSearch('body', 'rust async')
const nearest = await kdb.rpc('vector_search', { query: embedding, top_k: 10 }) npm install @kynetra/client
ESM + CJS + TypeScript types included. No peer dependencies. Works with Next.js, Remix, SvelteKit, React Native, and Node scripts.
const kdb = createClient( process.env.KYNETRA_URL, process.env.KYNETRA_KEY )
Prisma and Drizzle shaped HTTP previews plus bridge starters for ten established ORM ecosystems. Every entry publishes its transaction, migration, and feature boundary.
A Prisma-shaped repository for findMany, findUnique, create, update, delete, and upsert. It is not a Prisma driver adapter and does not run Prisma query-engine plans.
A Drizzle-shaped select builder with typed condition nodes and a bridge pgTable schema. It is not a drizzle-orm database driver.
A SQLAlchemy 2.x declarative mapping for bridge entities and JSON attributes.
A JPA entity mapping for the bridge table with JSON and array columns.
An EF Core entity and model configuration for Npgsql-backed bridge deployments.
An unmanaged Django model for reading and writing bridge entities without owning migrations.
A Rails model for the bridge table with ownership and validation boundaries.
A Sequelize model definition for JSONB attributes and float-array embeddings.
A TypeORM entity mapping for the bridge-owned table.
A Diesel table declaration and queryable bridge entity.
A GORM model using pgtype for JSONB and float-array bridge columns.
An Ecto schema for bridge entities with migration ownership disabled.
Fluent typed builder: from().select().eq().order(). Auth, storage, realtime channels, and edge functions — all under one import. REST API at /rest/v1 with select/filter/order/embed/count/upsert/pagination.
Primary writes to a Postgres WAL log; N replicas tail the same log via apply_external, serving reads within ~750ms lag. Write proxy transparently forwards mutations from replica to primary. Lag-based /healthz 503.
Deploy to AWS, GCP, Azure, Fly.io, DigitalOcean, Render, Heroku, Railway, Cloudflare, Supabase, Oracle Cloud, Neon, Linode, and Vultr — all from the admin control plane. Circuit breaker on every provider call.
Email + password, refresh tokens, magic-link/OTP, password reset, OAuth (Google/GitHub), anonymous sign-in. bcrypt (cost 12) + HS256 JWT. Routes at /auth/v1/.
auth.uid() policy DSL with per-row enforcement. SELECT/INSERT/UPDATE/DELETE policies evaluated server-side. Service key bypasses RLS; user JWTs and anon keys respect it transparently.
postgres_changes (insert/update/delete) + presence + broadcast over channels. RLS-filtered so subscribers only see permitted rows.
Public and private buckets. Signed, time-boxed URLs. Object RLS. Two backends: local content-addressable or any S3-compatible endpoint (AWS S3, R2, MinIO, Wasabi, Spaces). SigV4 built-in.
BM25 full-text (1.07 ms @ 100k, case + accent folding, parallel scoring). HNSW vector search via instant-distance (cosine, threadsafe hot-swap). pgvector offload opt-in. No separate services. No CDC pipelines.
Tamper-evident hash-chained audit log (JSONL, /admin/audit/verify). Deep health probes (/healthz, /readyz) with per-check breakdown. Latency ring-buffer → p50/p95/p99 + error rate at /admin/db/metrics.
MCP server (JSON-RPC 2.0 over stdio) with kynetra_put/get/filter/search/vector_search/stats. Remote CLI with --remote flag. HMAC-SHA256 signed outbound webhooks. SHA-256 hashed API token management.
Full SaaS control plane: Organizations → Projects → Members. Per-project isolated data, auth, storage, and API keys. Kind-prefixed isolation makes cross-tenant data access impossible by construction.
10 typed built-in actions, a real LLM tool-use loop (Anthropic + OpenAI + Ollama), persisted run audit trail, and an embedded admin SPA at /admin/v2. No JS build step.
Most backend stacks are a fleet of processes — a database, a search engine, a cache, an auth service, a storage API, a realtime broker. Each one is a separate deploy, a separate failure surface, and a separate ops burden.
kynetradb collapses all of that into a single Rust binary with one WAL, one log replay at boot, and one process to monitor:
Your app (Next.js / React / Vue / mobile / CLI / MCP)
│
│ @kynetra/client · REST · MCP · CLI
▼
kynetradb ─── one process · one Dockerfile · one WAL
├── /rest/v1 query layer (select/filter/order/embed)
├── /auth/v1 email + OAuth + JWT + RLS
├── /storage/v1 buckets · signed URLs · S3-compatible
├── /realtime/v1 WebSocket channels · presence · broadcast
├── /functions/v1 WASM edge functions
├── BM25 full-text 1.07 ms @ 100k ← built-in
├── HNSW vector 2.21 ms @ 100k ← built-in
└── Read replicas WAL fan-out · ~750ms lag ← built-in One ingest. One query surface. 14 deploy targets. Zero vendor dependency.
BaaS bridge: @kynetra/client TypeScript SDK (ESM + CJS + types);
PostgREST-style /rest/v1 (select/filter/order/embed/count/upsert/pagination);
GoTrue-shaped /auth/v1 (email+password, refresh tokens, magic-link/OTP, OAuth Google/GitHub, anonymous);
Row-Level Security with auth.uid() DSL; Realtime WebSocket channels (postgres_changes, presence, broadcast);
Storage buckets + signed URLs + object RLS; Edge functions (WASM, sandboxed, 10s timeout);
Multitenancy (Orgs → Projects → Members).
Infrastructure:
Read replicas via Postgres WAL fan-out (apply_external, ~750ms lag, /healthz 503 on stale).
Write proxy from replica to primary. 14 cloud providers (AWS, GCP, Azure, Fly, DO, Render,
Heroku, Railway, Cloudflare, Supabase, Oracle, Neon, Linode, Vultr) with deploy/resize/destroy.
Circuit breaker on provider calls. Deep health probes + p50/p95/p99 latency ring-buffer.
Tamper-evident hash-chained audit log. API token management + HMAC webhooks.
MCP server (JSON-RPC 2.0). Remote CLI.
Search:
BM25 full-text (1.07 ms @ 100k, parallel, case + accent folding).
HNSW vector search via instant-distance (cosine, threadsafe hot-swap, brute-force fallback).
pgvector write-sync + offload opt-in.
HNSW index persistence (snapshot survives restart) — Phase 2.3, in progress.
Auto-rebuild trigger on write threshold — Phase 2.3.
Recall / p99 integration test at 10M vectors — Phase 2.2.
Multi-writer clustering (single primary WAL today) — Phase 3.
Snapshot-and-tail boot (unbounded dataset per node) — Phase 3.
Shard the log (write scale) — Phase 4.
tantivy-grade fuzzy matching + synonyms.
Storage image transforms (width/height/resize).
Per-provider live deploy for all providers (14 wired; cloud-specific APIs vary).
Studio policy editor in /admin/v2.
This is v0.8 — working code, honest README. Read the full State section before betting anything serious on it.